Applicant : S ean Brennan 

For: System and Method for Accomplishing Two-Factor User Authentication 

Using the Internet 

1 1. A method of implementing token-based electronic security across multiple secure web 

2 sites, in which the user has a security token, comprising: 

3 storing unique token identification information, and the seed value of each token, in a 

4 security system; 

5 requiring the user, upon login to a secure web site, to enter at least the code generated by 

6 the user's token; 

7 passing the user's token code from the web site to the security system; 



using the security system to verify whether or not the user's token code was generated by 

■» 

■i <* n 

iy the user's token; and 



|fp passing the verification information from the security system to the web site, for use in 

S C m 

4 1 web site security. 

f^l 2. The method of claim 1 wherein the requiring step further requires the user to enter a user 

J 1^2 name and user password. 

1 3 . The method of claim 2 further comprising the step of: 

2 the web site verifying the user name and user password before passing the user's token 

3 code to the security system. 

1 4. A method of accomplishing two-factor user authentication, comprising: 

2 providing two separate user authentication methods; 

3 enabling a user to communicate authentication data for both authentication methods to a 

4 first web site using the internet; 
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5 enabling the communication of at least some of the authentication data from the first web 

6 site to a second web site using the internet; and 

7 wherein both web sites are involved in user authentication using the authentication data. 

1 5. The method of claim 4, wherein the first web site initially authenticates the user based on 

2 the data relating to one of the authentication methods. 

1 6. The method of claim 5, wherein the second web site completes user authentication based 

2 on the data relating to the other authentication method. 

1 7. The method of claim 6, wherein the first web site communicates with the second web site 

2 only if the user is initially authenticated. 

C3L 8. The method of claim 7, wherein the first web site communicates to the second web site at 

»- ' «-»-, 
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J!i2 least data relating to the other authentication method, and user-identification data. 
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§ si 9. The method of claim 4, wherein one authentication method employs a password. 

1 10. The method of claim 4, wherein one authentication method employs a token. 

HI 11. The method of claim 10, wherein the token is hardware-based, and generates a code that 

IH2 comprises at least some of the data for the authentication method. 

j- ***** 

^ 1 12. The method of claim 1 1 , wherein the token is a stand-alone, portable device. 

1 13. The method of claim 1 1 , wherein the token is USB-based and is accessed by a browser, 

1 14. The method of claim 1 0, wherein the token is software-based, and generates a code that 

2 comprises at least some of the data for the authentication method. 

1 15. The method of claim 14, wherein the token comprises a browser plug-in. 

1 16. The method of claim 4, wherein one authentication method employs a fixed complex 

2 code. 
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1 7. The method of claim 1 6, wherein the fixed complex code comprises a public key 
infrastructure. 

1 8. The method of claim 4, wherein one authentication method is software-based. 

19. The method of claim 4, wherein at least one user authentication method can be used 
across multiple web sites. 

20. The method of claim 10, wherein the token is embedded in a device such as a cell phone. 
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